ARP Spoofing
ARP has no authentication. An attacker can send unsolicited (gratuitous) ARP replies claiming to be any IP - poisoning victim ARP caches and enabling man-in-the-middle interception.
ARP Cache (Victim)
| IP | MAC | Status |
|---|---|---|
| Cache empty | ||
Spoofed ARP Packet
Opcode
-
Sender MAC
-
Sender IP
-
Target
-
Event Log